Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
archlinuxArchLinuxASA-202105-5
HistoryMay 19, 2021 - 12:00 a.m.

[ASA-202105-5] firefox: arbitrary code execution

2021-05-1900:00:00
security.archlinux.org
171

0.002 Low

EPSS

Percentile

59.7%

JSON

Arch Linux Security Advisory ASA-202105-5

Severity: High
Date : 2021-05-19
CVE-ID : CVE-2021-29952
Package : firefox
Type : arbitrary code execution
Remote : Yes
Link : https://security.archlinux.org/AVG-1917

Summary

The package firefox before version 88.0.1-1 is vulnerable to arbitrary
code execution.

Resolution

Upgrade to 88.0.1-1.

pacman -Syu “firefox>=88.0.1-1”

The problem has been fixed upstream in version 88.0.1.

Workaround

None.

Description

A security issue has been found in Firefox before version 88.0.1. When
Web Render components were destructed, a race condition could have
caused undefined behavior, and Mozilla presumes that with enough effort
may have been exploitable to run arbitrary code.

Impact

A remote attacker could execute arbitrary code through a crafted HTML
page.

References

https://www.mozilla.org/en-US/security/advisories/mfsa2021-20/#CVE-2021-29952
https://bugzilla.mozilla.org/show_bug.cgi?id=1704227
https://security.archlinux.org/CVE-2021-29952

OSVersionArchitecturePackageVersionFilename
ArchLinuxanyanyfirefox< 88.0.1-1UNKNOWN

Related

cve 1
nessus 3
fedora 2
redhatcve 1
alpinelinux 1
openvas 5
prion 1
cvelist 1
ubuntu 1
osv 1
debiancve 1
veracode 1
ubuntucve 1
kaspersky 1
redos 4
mozilla 1
cve
cve
CVE-2021-29952
2021-06-24 14:15:00
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerability (USN-4942-1)
2021-05-12 00:00:00
Mozilla Firefox < 88.0.1
2021-05-05 00:00:00
Mozilla Firefox < 88.0.1
2021-05-05 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: firefox-88.0.1-1.fc34
2021-05-12 05:45:24
[SECURITY] Fedora 33 Update: firefox-88.0.1-1.fc33
2021-05-14 21:13:06
redhatcve
redhatcve
CVE-2021-29952
2021-05-19 00:27:22
alpinelinux
alpinelinux
CVE-2021-29952
2021-06-24 14:15:00
openvas
openvas
Ubuntu: Security Advisory (USN-4942-1)
2021-05-12 00:00:00
Fedora: Security Advisory for firefox (FEDORA-2021-beac175abc)
2021-05-15 00:00:00
Mozilla Firefox Security Advisory (MFSA2021-20) - Linux
2021-11-08 00:00:00
prion
prion
Race condition
2021-06-24 14:15:00
cvelist
cvelist
CVE-2021-29952
2021-06-24 13:18:33
ubuntu
ubuntu
Firefox vulnerability
2021-05-10 00:00:00
osv
osv
firefox vulnerability
2021-05-10 21:10:49
debiancve
debiancve
CVE-2021-29952
2021-06-24 14:15:00
veracode
veracode
Denial Of Service (DoS)
2021-05-08 23:57:21
ubuntucve
ubuntucve
CVE-2021-29952
2021-05-07 00:00:00
kaspersky
kaspersky
KLA12164 Multiple vulnerabilities in Mozilla Firefox
2021-04-06 00:00:00
redos
redos
ROS-2-698
2021-09-08 00:00:00
ROS-2-465
2021-09-08 00:00:00
ROS-2-603
2021-09-08 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Firefox 88.0.1, Firefox for Android 88.1.3 — Mozilla
2021-05-05 00:00:00

0.002 Low

EPSS

Percentile

59.7%

JSON
Related for ASA-202105-5
cve1nessus3fedora2redhatcve1alpinelinux1openvas5prion1cvelist1ubuntu1osv1debiancve1veracode1ubuntucve1kaspersky1redos4mozilla1